Alaeiyan et al., 2022 - Google Patents
A hierarchical layer of atomic behavior for malicious behaviors predictionAlaeiyan et al., 2022
- Document ID
- 12529475918078667527
- Author
- Alaeiyan M
- Parsa S
- Publication year
- Publication venue
- Journal of Computer Virology and Hacking Techniques
External Links
Snippet
Early prediction of malicious activity can help prevent irreparable damage caused by rogue actions. A malware analysis tool can anticipate malicious activity and stop the execution of the instance based on API calls to avoid the damage caused by the malware. The …
- 230000006399 behavior 0 title abstract description 159
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/02—Knowledge representation
- G06N5/022—Knowledge engineering, knowledge acquisition
- G06N5/025—Extracting rules from data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/75—Structural analysis for program understanding
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/04—Inference methods or devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2145—Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3612—Software analysis for verifying properties of programs by runtime analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management, e.g. organising, planning, scheduling or allocating time, human or machine resources; Enterprise planning; Organisational models
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Chowdhury et al. | Malware analysis and detection using data mining and machine learning classification | |
| Norouzi et al. | A data mining classification approach for behavioral malware detection | |
| Ghiasi et al. | Dynamic VSA: a framework for malware detection based on register contents | |
| Eskandari et al. | HDM-Analyser: a hybrid analysis approach based on data mining techniques for malware detection | |
| Alrubaye et al. | Learning to recommend third-party library migration opportunities at the API level | |
| Salehi et al. | Using feature generation from API calls for malware detection | |
| Polino et al. | Jackdaw: Towards automatic reverse engineering of large datasets of binaries | |
| Carlin et al. | The effects of traditional anti-virus labels on malware detection using dynamic runtime opcodes | |
| Kumar et al. | Evaluating the impact of malware analysis techniques for securing web applications through a decision-making framework under fuzzy environment | |
| Carlin et al. | A cost analysis of machine learning using dynamic runtime opcodes for malware detection | |
| Ullah et al. | Clone detection in 5G-enabled social IoT system using graph semantics and deep learning model | |
| Cabau et al. | Malware classification based on dynamic behavior | |
| Wang et al. | LSCDroid: Malware detection based on local sensitive API invocation sequences | |
| Alrabaee et al. | On leveraging coding habits for effective binary authorship attribution | |
| Eskandari et al. | To incorporate sequential dynamic features in malware detection engines | |
| Pirch et al. | Tagvet: Vetting malware tags using explainable machine learning | |
| Alrabaee et al. | CPA: Accurate cross-platform binary authorship characterization using LDA | |
| Lin et al. | Towards interpreting ML-based automated malware detection models: A survey | |
| Kim et al. | LOM: lightweight classifier for obfuscation methods | |
| Alaeiyan et al. | A hierarchical layer of atomic behavior for malicious behaviors prediction | |
| Naeem et al. | Identifying vulnerable IoT applications using deep learning | |
| Raheja et al. | Classification of Microsoft office vulnerabilities: a step ahead for secure software development | |
| Babaagba et al. | Nowhere metamorphic malware can hide-a biological evolution inspired detection scheme | |
| Kim et al. | A software classification scheme using binary-level characteristics for efficient software filtering | |
| Rozenberg et al. | A method for detecting unknown malicious executables |